会话初始化协议(SIP)提供了认证和协商会话密钥,能保证后续会话的安全.2010年,Yoon等(YOON E-J,YOO K-Y.A three-factor authenticated key agreement scheme for SIP on elliptic curves.NSS'10:4th International Conference on Network and System Security.Piscataway:IEEE,2010:334-339)提出一种新的三要素SIP认证密钥协商协议TAKASIP.但TAKASIP协议不能抵抗内部攻击、服务器伪装攻击、离线口令猜测攻击、身份冒充攻击和丢失标记攻击,并且没有提供双向认证.在TAKASIP协议基础上提出一种基于椭圆曲线密码三要素SIP认证协议ETAKASIP以解决上述问题.ETAKASIP基于椭圆曲线离散对数难题和椭圆曲线密码系统,提供了高安全性.该协议只需7次椭圆曲线点乘运算、1次椭圆曲线加法运算和最高6次哈希运算,有较高的运算效率.%Session Initiation Protocol (SIP) provides authentication and session key agreement to ensure the security of the successive session. In 2010, Yoon et al. ( YOON E-J, YOO K-Y. A three-factor authenticated key agreement scheme for SIP on elliptic curves. NSS '10: 4th International Conference on Network and System Security. Piscataway: IEEE, 2010: 334 -339.) proposed a three-factor authenticated key agreement scheme named TAKAS|P for SIP. However, the scheme is vulnerable to insider attack, server-spoofing attack, off-line password attack, and losing token attack. Moreover, it does not provide mutual authentication. To overcome these flaws of TAKASIP, a new three-factor authentication scheme named ETAKASIP based on Elliptic Curve Cryptosystem ( ECC) was proposed. ETAKASIP, on the basis of elliptic curve discrete logarithm problem, provides higher security than TAKAsn>. It needs 7 elliptic curve scalar multiplication operations, 1 additional operation and up to 6 Hash operations, and of high efficiency.
展开▼
